| @@ -1,16 +1,16 @@ | | | @@ -1,16 +1,16 @@ |
1 | #!/bin/sh | | 1 | #!/bin/sh |
2 | | | 2 | |
3 | # $NetBSD: certctl.sh,v 1.6 2024/03/03 15:53:55 riastradh Exp $ | | 3 | # $NetBSD: certctl.sh,v 1.7 2024/03/04 20:37:31 riastradh Exp $ |
4 | # | | 4 | # |
5 | # Copyright (c) 2023 The NetBSD Foundation, Inc. | | 5 | # Copyright (c) 2023 The NetBSD Foundation, Inc. |
6 | # All rights reserved. | | 6 | # All rights reserved. |
7 | # | | 7 | # |
8 | # Redistribution and use in source and binary forms, with or without | | 8 | # Redistribution and use in source and binary forms, with or without |
9 | # modification, are permitted provided that the following conditions | | 9 | # modification, are permitted provided that the following conditions |
10 | # are met: | | 10 | # are met: |
11 | # 1. Redistributions of source code must retain the above copyright | | 11 | # 1. Redistributions of source code must retain the above copyright |
12 | # notice, this list of conditions and the following disclaimer. | | 12 | # notice, this list of conditions and the following disclaimer. |
13 | # 2. Redistributions in binary form must reproduce the above copyright | | 13 | # 2. Redistributions in binary form must reproduce the above copyright |
14 | # notice, this list of conditions and the following disclaimer in the | | 14 | # notice, this list of conditions and the following disclaimer in the |
15 | # documentation and/or other materials provided with the distribution. | | 15 | # documentation and/or other materials provided with the distribution. |
16 | # | | 16 | # |
| @@ -430,26 +430,27 @@ rehash() | | | @@ -430,26 +430,27 @@ rehash() |
430 | if [ -f "$certsdir/.certctl" ]; then | | 430 | if [ -f "$certsdir/.certctl" ]; then |
431 | # Directory exists and is managed by certctl(8). | | 431 | # Directory exists and is managed by certctl(8). |
432 | # Safe to delete it and everything in it. | | 432 | # Safe to delete it and everything in it. |
433 | run rm -rf -- "$certsdir" | | 433 | run rm -rf -- "$certsdir" |
434 | elif [ -h "$certsdir" ]; then | | 434 | elif [ -h "$certsdir" ]; then |
435 | # Paranoia: refuse to chase a symlink. (Caveat: this | | 435 | # Paranoia: refuse to chase a symlink. (Caveat: this |
436 | # is not secure against an adversary who can recreate | | 436 | # is not secure against an adversary who can recreate |
437 | # the symlink at any time. Just a helpful check for | | 437 | # the symlink at any time. Just a helpful check for |
438 | # mistakes.) | | 438 | # mistakes.) |
439 | error "certificates directory is a symlink" | | 439 | error "certificates directory is a symlink" |
440 | return 1 | | 440 | return 1 |
441 | elif [ ! -e "$certsdir" ]; then | | 441 | elif [ ! -e "$certsdir" ]; then |
442 | # Directory doesn't exist at all. Nothing to do! | | 442 | # Directory doesn't exist at all. Nothing to do! |
| | | 443 | : |
443 | elif [ ! -d "$certsdir" ]; then | | 444 | elif [ ! -d "$certsdir" ]; then |
444 | error "certificates directory is not a directory" | | 445 | error "certificates directory is not a directory" |
445 | return 1 | | 446 | return 1 |
446 | elif ! find -f "$certsdir" -- -maxdepth 0 -type d -empty -exit 1; then | | 447 | elif ! find -f "$certsdir" -- -maxdepth 0 -type d -empty -exit 1; then |
447 | # certsdir exists, is a directory, and is empty. Safe | | 448 | # certsdir exists, is a directory, and is empty. Safe |
448 | # to delete it with rmdir and take it over. | | 449 | # to delete it with rmdir and take it over. |
449 | run rmdir -- "$certsdir" | | 450 | run rmdir -- "$certsdir" |
450 | else | | 451 | else |
451 | error "existing certificates; set manual or move them" | | 452 | error "existing certificates; set manual or move them" |
452 | return 1 | | 453 | return 1 |
453 | fi | | 454 | fi |
454 | run mkdir -- "$certsdir" | | 455 | run mkdir -- "$certsdir" |
455 | if $vflag; then | | 456 | if $vflag; then |